Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233392e302f32342d3234203d3e20323033343436.roa
File: 38322e3133392e3233392e302f32342d3234203d3e20323033343436.roa (raw, json)
Hash identifier: 6cdzqN0Nj1kJ1PHqAdnkmsJapZ0G3QUvPy0s/NnhcVQ=
Subject key identifier: A5:39:5F:43:AE:0E:4D:45:5D:44:41:76:DB:A7:15:A4:BF:53:64:19
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 1FCAA6B89234039ABE0E8D12BD4FD5B2D1311E92
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233392e302f32342d3234203d3e20323033343436.roa
Signing time: Thu 04 Sep 2025 10:40:07 +0000
ROA not before: Thu 04 Sep 2025 10:35:07 +0000
ROA not after: Thu 03 Sep 2026 10:40:07 +0000
asID: 203446
IP address blocks: 82.139.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:ca:a6:b8:92:34:03:9a:be:0e:8d:12:bd:4f:d5:b2:d1:31:1e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:07 2025 GMT
Not After : Sep 3 10:40:07 2026 GMT
Subject: CN=A5395F43AE0E4D455D444176DBA715A4BF536419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7d:04:44:7f:4b:f0:4c:07:25:65:07:94:ed:
65:f9:19:3c:56:8c:49:be:a5:d5:2d:94:c9:d0:76:
d9:d6:4d:4d:1d:61:5e:b3:fa:31:3a:94:3f:6f:9c:
9c:dc:c6:bf:fe:66:5e:01:8d:d8:b0:35:ba:0c:fd:
5b:84:e5:58:a2:e1:d9:4e:2c:ce:69:6d:fb:31:51:
1c:b7:9b:bd:c6:41:ba:21:ca:84:fa:9e:3e:79:fe:
ab:be:f6:35:fe:5c:11:23:09:83:e8:33:16:bf:5e:
64:2d:c1:f0:9f:cd:43:4f:4b:57:1c:7d:7c:31:28:
d4:95:55:85:21:f5:b8:0c:f5:36:77:a0:98:dd:38:
f0:f5:ac:9a:a6:67:8a:fe:60:cf:fc:34:08:a2:10:
80:2d:d8:c4:3c:50:a8:a5:3e:ae:41:d3:fe:b0:1b:
be:c9:d2:73:29:86:27:23:2c:a6:45:61:93:d7:4f:
a2:7f:fd:9f:fc:a7:1d:8a:f4:51:8a:c2:77:1d:63:
71:41:12:85:07:5d:52:dc:c5:b1:7c:7b:41:7e:82:
b2:05:94:0a:ce:9d:67:1b:07:c2:20:82:10:cb:84:
71:3f:4a:b5:3e:8b:a2:ed:b0:77:c7:f4:60:b1:85:
fc:2e:5b:4f:2a:11:af:4a:44:6a:88:f6:b9:d2:50:
88:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:39:5F:43:AE:0E:4D:45:5D:44:41:76:DB:A7:15:A4:BF:53:64:19
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233392e302f32342d3234203d3e20323033343436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.239.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:20:fe:4a:4e:7b:67:c7:88:94:b3:56:5d:06:b6:19:f4:a3:
22:21:7b:44:61:5f:7c:02:4a:68:1a:d9:ed:f5:78:42:1b:fd:
af:17:d6:cb:e0:6f:2d:f2:ec:2b:ef:0e:ca:f5:27:87:87:15:
05:97:25:5c:a4:9c:df:d6:95:87:8d:92:b8:66:80:37:80:0b:
59:06:f4:f3:85:9e:64:e8:30:14:0f:bc:89:f4:af:86:cb:f9:
44:4d:b3:65:94:0c:80:52:d7:77:21:53:e8:6e:e6:be:51:9d:
7e:46:8b:79:39:ef:92:dd:8b:d9:3b:e8:cc:93:be:76:1e:c6:
58:5d:2e:4b:6d:c7:40:88:e4:e2:30:af:53:d9:49:41:a6:a7:
99:3d:1e:90:d4:e9:6c:1c:81:d9:0b:49:20:15:c4:f7:1a:86:
c2:5c:dc:46:52:cd:69:fc:31:f5:f8:66:08:bb:d8:eb:36:39:
44:98:25:d7:77:f5:f4:b2:48:76:41:25:e5:6e:cd:67:6b:07:
4b:8d:9b:42:69:3d:a9:99:47:5d:77:ee:90:39:3f:8e:3d:7e:
78:cd:ad:bb:c4:a9:2f:0e:af:07:30:57:68:76:bc:0f:97:ae:
ce:fc:45:5d:aa:70:7b:68:56:a0:29:36:c8:d8:25:ad:83:6f:
23:e4:0e:67
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUH8qmuJI0A5q+Do0SvU/VstExHpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDdaFw0yNjA5MDMxMDQwMDdaMDMxMTAvBgNV
BAMTKEE1Mzk1RjQzQUUwRTRENDU1RDQ0NDE3NkRCQTcxNUE0QkY1MzY0MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFfQREf0vwTAclZQeU7WX5GTxW
jEm+pdUtlMnQdtnWTU0dYV6z+jE6lD9vnJzcxr/+Zl4BjdiwNboM/VuE5Vii4dlO
LM5pbfsxURy3m73GQbohyoT6nj55/qu+9jX+XBEjCYPoMxa/XmQtwfCfzUNPS1cc
fXwxKNSVVYUh9bgM9TZ3oJjdOPD1rJqmZ4r+YM/8NAiiEIAt2MQ8UKilPq5B0/6w
G77J0nMphicjLKZFYZPXT6J//Z/8px2K9FGKwncdY3FBEoUHXVLcxbF8e0F+grIF
lArOnWcbB8IgghDLhHE/SrU+i6LtsHfH9GCxhfwuW08qEa9KRGqI9rnSUIiVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpTlfQ64OTUVdREF226cVpL9TZBkwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzgzMjJlMzEzMzM5MmUzMjMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzMzNDM0MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABSi+8wDQYJKoZIhvcNAQELBQADggEBAHog/kpOe2fHiJSzVl0Gthn0oyIhe0Rh
X3wCSmga2e31eEIb/a8X1svgby3y7CvvDsr1J4eHFQWXJVyknN/WlYeNkrhmgDeA
C1kG9POFnmToMBQPvIn0r4bL+URNs2WUDIBS13chU+hu5r5RnX5Gi3k575Ldi9k7
6MyTvnYexlhdLkttx0CI5OIwr1PZSUGmp5k9HpDU6WwcgdkLSSAVxPcahsJc3EZS
zWn8MfX4Zgi72Os2OUSYJdd39fSySHZBJeVuzWdrB0uNm0JpPamZR1137pA5P449
fnjNrbvEqS8OrwcwV2h2vA+Xrs78RV2qcHtoVqApNsjYJa2DbyPkDmc=
-----END CERTIFICATE-----
Generated at Sun Sep 7 04:02:23 2025 by rpki-client